The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
Voice service is vulnerable to a number of attacks that can compromise the confidentiality, integrity and authenticity of voice communication. This paper describes the design of communication protocols for securing SIP based VOIP communication. It presents the architectural principles involved and the overall security solution comprising the design of secure extensions to SIP messages. Finally it...
While gracefully combining FMIPv6 and HMIPv6 together, F-HMIPv6 enables the best performance in terms of handover latency and signaling overhead. Recently, to protect F-HMIPv6, Kang and Park proposed a security scheme. This scheme successfully achieves seamless integration with FHMIPv6 while providing the session key exchange as well as the mobile node authentication. In this paper, Kang-Park's scheme...
Proxy mobile IPV6 protocol is a network-based mobility management protocol. Mobile node does not need to participate in any PMIPv6 messages. A certificated-based authentication mechanism based on the public key infrastructure is proposed in this article. It can be used to protect and authenticate two proxy binding messages of PMIPv6. In addition, we use SVO formal logic to analysis the security of...
Combined with the grid development, this article analyzed the current widespread adoption of authentication mechanisms and researched GSI program and KX.509 program in different grid environment. With the proxy idea of KX.509, using and implementing a Web-login module to build the grid authentication model in the Globus environment. The module provides the transparent user certificate generation,...
This paper first analyzes authentication and key agreement protocol adopted by 3rd generation partnership project (3GPP) system architecture evolution (SAE) release 8 standard, and points out the security problems solved and not solved in contrast with third generation wireless communications. Then we focus on several security defects in the protocol, and based on public key cryptosystem, puts forward...
A gateway-oriented password-based authenticated key exchange (GPAKE) scheme allows a client to establish an authenticated session key with a gateway via the help of an authentication server, where the client has pre-shared a password with the server. The desirable security properties of a GPAKE include session key semantic security, key privacy against the server, and password guessing attacks resistance...
The session initiation protocol (SIP) is an application-layer control protocol for creating, modifying, and terminating sessions with one or more participants in the IP-based telephony environment.Yang et al. and Huang et al. proposed a secure authentication scheme for session initiation protocol.Yang's scheme is based on Deffi-Hellman key agreement scheme and a combination of hash functions. In 2006,...
The user-based security model and its replay protection principium are firstly introduced and then a replay protection scheme based on random number is proposed to avoid baleful replay attack because of the inefficiency of the USM. A random number is used as the authentication between manager and agent in this scheme, and the number is changed on each message exchange to ensure the agent can identify...
After the worldpsilas largest retailer, Wal-Mart, has implemented RFID (Radio Frequency Identification), the global suppliers are actively devoted to EPC (Electronic Product Code) research and development. Since RFID has advantages of a long life, safe, and free from environmental constraints, RFID EPC can achieve benefits such as saving manpower costs, expressing logistics management, reducing man-made...
Low cost radio frequency identification (RFID) like EPC Gen 2 is one kind of most popular RFIDs in the market. However, as studied by several researchers, Gen 2 is not secure. Therefore, many researchers have devoted to improving the security. However, in addition to the fact the security of these improved schemes are still questionable, these solutions inevitably increase the cost of tags and inevitably...
A deniable authentication can be used to provide secure negotiation on the Internet. Although many deniable authentication protocols have been proposed, most of them are interactive or vulnerable to various cryptanalytic attacks. To find a secure and efficient deniable authentication protocol, by encrypting a random and the time stamp and signing the corresponding ciphertext and the message to be...
Through the analysis of the characteristics of Bluetooth piconet and Bluetooth's security architecture, this paper gives out a scheme of group key agreement based on Diffie-Hellman key agreement protocol. It affords a method that nodes can authenticate each other in the Bluetooth piconet and defeat threats derived from Bluetooth link-level. In the last place, the feasibility of the scheme is verified.
RADIUS (remote authentication dial in user service) is an authentication, authorization and accounting protocol being widely used in network environments. However, it has a set of vulnerabilities that are either caused by the protocol, or caused by poor implementation and exacerbated by the protocol. First the overview of RADIUS protocol including basic operation of RADIUS protocol is studied. Then...
We provide a framework for implementing IPSec security services in a well-structured functional architecture based on a layered functional architecture for network security management. The proposed architecture is modular, and supports open standards and interfaces, and implements the security services of IPSec as an integrated solution under a unified security management system.
Through the analysis and research of Bluetooth's security architecture, in this paper it gives out the security architecture based on user authentication and block cipher that is not provided natively by Bluetooth. It can defeat threats of only adopted Bluetooth link-level authentication and E0 stream cipher.
In this paper, we identify a vulnerability of IEEE 802.11 wireless Mesh LANs in which a compromised mesh point can still receive data from other mesh points. Then we propose a new protocol that can counter this attack by considering the effective period of both the mesh points (MPs) when decide the lifetime of the key shared between them. We also amend 802.11s draft in order not to bring about a fundamental...
BAN logic can prove whether a protocol can reach expected target and find some flaws in the protocol. The paper analyzed constitute of BAN logic and analysis steps. On the basis of the above work, BAN logic was used to construct an ideal model of the Otway-Rees protocol and the security of the protocol was analyzed with the initial hypothesis and the logic postulate. The paper also pointed out various...
Voice over Internet Protocol (VoIP) service has been a very popular and important application over the Internet. Recently, wireless mesh networks (WMNs) has been considered as a good solution for VoIP services due to low cost and convenience, easy deployment and larger area coverage. However, many relevant security issues have been raised for integrating IP Telephony into the existent applications...
In order to secure RFID transactions, an authentication scheme has originally been included as part of the "EPC Gen2" industrial standard. This scheme, however, has been found to have some weaknesses. To overcome such weaknesses, some authors have proposed new schemes to improve its security. Two of the latest proposals are the Lim-Li protocol and the Konidala-Kim-Kim protocol presented...
Multicast services raise significant operational and security challenges not only when deployed on the Internet layer, but also in overlay networks. Large P2P groups as emerging from IPTV applications may be abused by unwanted traffic or denial of service attacks through amplified flooding. In this paper, we introduce a distributed, autonomously verifiable scheme for multicast sender authentication,...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.